CVE-2011-4872: Infoleak
First published: Sun Feb 05 2012(Updated: )
Multiple HTC Android devices including Desire HD FRG83D and GRI40, Glacier FRG83, Droid Incredible FRF91, Thunderbolt 4G FRG83D, Sensation Z710e GRI40, Sensation 4G GRI40, Desire S GRI40, EVO 3D GRI40, and EVO 4G GRI40 allow remote attackers to obtain 802.1X Wi-Fi credentials and SSID via a crafted application that uses the android.permission.ACCESS_WIFI_STATE permission to call the toString method on the WifiConfiguration class.
Credit: cret@cert.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Htc Desire Hd | =frg83d | |
| Htc Desire Hd | =gri40 | |
| Htc Desire S | =gri40 | |
| HTC Droid Incredible | =frf91 | |
| HTC EVO 3D | =gri40 | |
| HTC EVO 4G | =gri40 | |
| Htc Glacier | =frg83 | |
| Htc Sensation 4g | =gri40 | |
| Htc Sensation Z710e | =gri40 | |
| Htc Thunderbolt 4g | =frg83d |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- collector/nvd-historical
- agent/severity
- agent/weakness
- agent/type
- agent/event
- agent/references
- agent/author
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/htc
- canonical/htc desire hd
- version/htc desire hd/frg83d
- version/htc desire hd/gri40
- canonical/htc desire s
- version/htc desire s/gri40
- canonical/htc droid incredible
- version/htc droid incredible/frf91
- canonical/htc evo 3d
- version/htc evo 3d/gri40
- canonical/htc evo 4g
- version/htc evo 4g/gri40
- canonical/htc glacier
- version/htc glacier/frg83
- canonical/htc sensation 4g
- version/htc sensation 4g/gri40
- canonical/htc sensation z710e
- version/htc sensation z710e/gri40
- canonical/htc thunderbolt 4g
- version/htc thunderbolt 4g/frg83d